Analysis and contextual insights are available on OpenCVE Cloud.
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
| Source | ID | Title |
|---|---|---|
Github GHSA |
GHSA-wx44-2q6h-j6p8 | DeepSeek TUI: run_tests Tool Enables RCE via Malicious Repository Without Approval |
Mon, 01 Jun 2026 21:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Fri, 29 May 2026 16:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Hmbown
Hmbown codewhale |
|
| Vendors & Products |
Hmbown
Hmbown codewhale |
Thu, 28 May 2026 18:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | CodeWhale is a DeepSeek + MiMo coding agent in terminal. From 0.3.0 to 0.8.23, the run_tests tool executes cargo test in the workspace with ApprovalRequirement::Auto, meaning it runs without any user approval prompt. cargo test compiles and executes arbitrary code: test binaries, build.rs build scripts, and proc macros. While auto-approving test execution is a deliberate design choice, it creates an inconsistency in the security boundary. However, in a malicious repository, test code can execute arbitrary shell commands, exfiltrate credentials, or establish persistence with zero approval. The attack is amplified by AGENTS.md (auto-loaded into the system prompt), which can instruct the model to run tests proactively at session start. This vulnerability is fixed in 0.8.23. | |
| Title | CodeWhale: run_tests Tool Enables RCE via Malicious Repository Without Approval | |
| Weaknesses | CWE-94 | |
| References |
| |
| Metrics |
cvssV3_1
|
Status: PUBLISHED
Assigner: GitHub_M
Published:
Updated: 2026-06-01T19:09:50.099Z
Reserved: 2026-05-11T20:50:30.538Z
Link: CVE-2026-45311
Updated: 2026-06-01T19:09:14.092Z
Status : Deferred
Published: 2026-05-28T18:16:35.170
Modified: 2026-06-01T21:16:45.620
Link: CVE-2026-45311
No data.
OpenCVE Enrichment
Updated: 2026-05-29T15:48:09Z
Github GHSA